Issue #26: Add configuration for overtemperature flag to safety controller and include the config in the memory checking

2021-02-02 20:35:45 +01:00 · 2021-02-02 20:35:45 +01:00 · 50ad31d58a
parent 64bb06882f
commit 50ad31d58a
4 changed files with 92 additions and 1 deletions
--- a/stm-firmware/calibration.c
+++ b/stm-firmware/calibration.c
@ -193,6 +193,7 @@ shellmatta_retCode_t calibration_sequence_shell_cmd(shellmatta_handle_t shell, c
 	case CAL_START:
 		/* Clear errors of PT1000 reading */
 		safety_controller_ack_flag(ERR_FLAG_MEAS_ADC_WATCHDOG);
+		safety_controller_ack_flag(ERR_FLAG_OVERTEMP);
 		adc_pt1000_get_resistance_calibration(&offset, &sens_dev, &cal_active);
 		if (cal_active) {
 			shellmatta_printf(shell, "Already calibrated.\r\n\tOffset: %f\r\n\tSens: %f\r\n", offset, sens_dev);
@ -213,6 +214,7 @@ shellmatta_retCode_t calibration_sequence_shell_cmd(shellmatta_handle_t shell, c
 					ret_val = SHELLMATTA_BUSY;
 					shellmatta_printf(shell, "Measurement...\r\n");
 					safety_controller_ack_flag(ERR_FLAG_MEAS_ADC_WATCHDOG);
+					safety_controller_ack_flag(ERR_FLAG_OVERTEMP);
 					data_buffer = calibration_acquire_data_start(512UL, &flag);
 					break;
 				} else if (stdin_data[i] == '\x03') {
@ -264,6 +266,7 @@ shellmatta_retCode_t calibration_sequence_shell_cmd(shellmatta_handle_t shell, c
 					ret_val = SHELLMATTA_BUSY;
 					shellmatta_printf(shell, "Measurement...\r\n");
 					safety_controller_ack_flag(ERR_FLAG_MEAS_ADC_WATCHDOG);
+					safety_controller_ack_flag(ERR_FLAG_OVERTEMP);
 					data_buffer = calibration_acquire_data_start(512UL, &flag);
 					break;
 				} else if (stdin_data[i] == '\x03') {
--- a/stm-firmware/include/reflow-controller/safety/safety-config.h
+++ b/stm-firmware/include/reflow-controller/safety/safety-config.h
@ -129,6 +129,11 @@ enum analog_value_monitor {
 #define SAFETY_EXT_WATCHDOG_RCC_MASK RCC_AHB1ENR_GPIODEN
 #define SAFETY_EXT_WATCHDOG_PIN (12)

+/**
+ * @brief Default Limit of the overtemperature detection
+ */
+#define SAFETY_DEFAULT_OVERTEMP_LIMIT_DEGC (260.0f)
+
 /**
 * @brief Key used to lock the safety flags coming from the measurment ADC from external ack'ing
 */
--- a/stm-firmware/include/reflow-controller/safety/safety-controller.h
+++ b/stm-firmware/include/reflow-controller/safety/safety-controller.h
@ -250,7 +250,22 @@ int safety_controller_get_timing_mon_name_by_index(uint32_t index, char *buffer,
 * @brief Get the count of timing monitors
 * @return Timing monitor count
 */
-uint32_t safety_controller_get_timing_monitor_count();
+uint32_t safety_controller_get_timing_monitor_count(void);
+
+/**
+ * @brief Set the overtemperature limit and store it permanently in the EEPROM
+ *
+ * If no EEPROM is present, this will fail. The default value @ref SAFETY_DEFAULT_OVERTEMP_LIMIT_DEGC will be used.
+ * @param over_temperature Over temperature to set
+ * @return 0 if successfully saved and applied, negative if error
+ */
+int safety_controller_configure_overtemp_limit(float over_temperature);
+
+/**
+ * @brief Read the current overtemperature limit.
+ * @return Over temperature limit
+ */
+float safety_controller_get_overtemp_limit(void);

 #endif /* __SAFETY_CONTROLLER_H__ */

--- a/stm-firmware/safety/safety-controller.c
+++ b/stm-firmware/safety/safety-controller.c
@ -41,6 +41,7 @@
 #include <reflow-controller/oven-driver.h>
 #include <helper-macros/helper-macros.h>
 #include <stm-periph/rcc-manager.h>
+#include <reflow-controller/temp-converter.h>

 /**
 * @brief Macro that checks if a given @ref error_flag is persistent
@ -144,6 +145,13 @@ struct analog_mon {
 	uint64_t timestamp;
 };

+struct overtemp_config {
+	uint32_t crc_dummy_seed;
+	float overtemp_deg_celsius;
+	float overtemp_equiv_resistance;
+	uint32_t crc;
+};
+
 /**
 * @brief All safety error flags.
 */
@ -234,6 +242,45 @@ static volatile struct safety_weight IN_SECTION(.ccm.bss) flag_weights[COUNT_OF(
 */
 static uint32_t IN_SECTION(.ccm.bss) flag_weight_crc;

+/**
+ * @brief Configuration struct containing the overtemperature flag configuration
+ */
+static struct overtemp_config IN_SECTION(.ccm.bss) safety_controller_overtemp_config;
+
+/**
+ * @brief Configure the overtemperature flag's settings
+ * @param over_temperature Temperature to set the limit to.
+ */
+static void set_overtemp_config(float over_temperature)
+{
+	int result;
+	float resistance;
+
+	result = temp_convertet_convert_temp_to_resistance(over_temperature, &resistance);
+	/* An error in this function is really bad... */
+	if (result < -1)
+		panic_mode();
+
+	crc_unit_reset();
+	safety_controller_overtemp_config.crc_dummy_seed = 0xA4F5C7E6UL;
+	safety_controller_overtemp_config.overtemp_deg_celsius = over_temperature;
+	safety_controller_overtemp_config.overtemp_equiv_resistance = resistance;
+	crc_unit_input_array((const uint32_t *)&safety_controller_overtemp_config, wordsize_of(struct overtemp_config) - 1);
+	safety_controller_overtemp_config.crc = crc_unit_get_crc();
+}
+
+static bool over_temperature_config_check(void)
+{
+	if (safety_controller_overtemp_config.crc_dummy_seed != 0xA4F5C7E6UL)
+		return true;
+	crc_unit_reset();
+	crc_unit_input_array((const uint32_t *)&safety_controller_overtemp_config, wordsize_of(struct overtemp_config) - 1);
+	if (crc_unit_get_crc() != safety_controller_overtemp_config.crc)
+		return true;
+
+	return false;
+}
+
 /**
 * @brief Convert a flag enum to the flag number.
 *
@ -721,6 +768,9 @@ void safety_controller_init()
 	init_safety_flag_persistencies_from_default();
 	apply_config_overrides();

+	/* Set the default limit of the overtemperature check */
+	set_overtemp_config(SAFETY_DEFAULT_OVERTEMP_LIMIT_DEGC);
+
 	if (found_memory_state == SAFETY_MEMORY_INIT_CORRUPTED)
 		safety_controller_report_error(ERR_FLAG_SAFETY_MEM_CORRUPT);
 	else if (found_memory_state == SAFETY_MEMORY_INIT_VALID_MEMORY) {
@ -842,6 +892,7 @@ static void safety_controller_handle_safety_adc()
 *    Aditionally, the default flag weights are restored from Flash.
 * 3) The flag persistency table is CRC checked. In case of an error, the @ref ERR_FLAG_SAFETY_TAB_CORRUPT flag is set.
 *    Aditionally, the default values of the flag persistence is restored from Flash.
+ * 4) Check the Overtemperature flag configuration structure
 */
 static void safety_controller_handle_memory_checks(void)
 {
@ -870,6 +921,12 @@ static void safety_controller_handle_memory_checks(void)
 			safety_controller_report_error(ERR_FLAG_SAFETY_TAB_CORRUPT);
 			init_safety_flag_persistencies_from_default();
 		}
+
+		/* check overtemp struct */
+		if (over_temperature_config_check()) {
+			safety_controller_report_error(ERR_FLAG_SAFETY_TAB_CORRUPT);
+			set_overtemp_config(SAFETY_DEFAULT_OVERTEMP_LIMIT_DEGC);
+		}
 	}
 }

@ -1220,4 +1277,15 @@ int safety_controller_get_timing_mon_by_index(uint32_t index, struct timing_moni
 	return 0;
 }

+int safety_controller_set_overtemp_limit(float over_temperature)
+{
+	set_overtemp_config(over_temperature);
+	return 0;
+}
+
+float safety_controller_get_overtemp_limit(void)
+{
+	return safety_controller_overtemp_config.overtemp_deg_celsius;
+}
+
 /** @} */